LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, April 16th, 2015

    Time Event
    12:48a
    [$] LWN.net Weekly Edition for April 16, 2015
    The LWN.net Weekly Edition for April 16, 2015 is available.
    3:01p
    Security updates for Thursday

    Debian has updated gst-plugins-bad0.10 (code execution), inspircd (code execution from 2012), movabletype-opensource (code execution), and ppp (denial of service).

    Debian-LTS has updated ruby1.9.1 (three vulnerabilities).

    Mageia has updated java-1.7.0-openjdk (multiple vulnerabilities), mono (three SSL/TLS vulnerabilities), and python-dulwich (two code execution flaws).

    openSUSE has updated flash-player (11.4: 45 vulnerabilities) and rubygem-rest-client (13.2, 13.1: plaintext password logging).

    Oracle has updated java-1.6.0-openjdk (OL5: unspecified vulnerabilities) and java-1.7.0-openjdk (OL5: unspecified vulnerabilities).

    Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), java-1.6.0-openjdk (RHEL5,6&7: multiple vulnerabilities), java-1.7.0-openjdk (RHEL5; RHEL6&7: multiple vulnerabilities), and java-1.8.0-openjdk (RHEL6&7: multiple vulnerabilities).

    Scientific Linux has updated java-1.6.0-openjdk (SL5,6&7: multiple vulnerabilities), java-1.7.0-openjdk (SL5; SL6&7: multiple vulnerabilities), and java-1.8.0-openjdk (SL6&7: multiple vulnerabilities).

    SUSE has updated flash-player (SLE11SP3: 22 vulnerabilities).

    8:13p
    Boyer: Fedora 22 and Kernel 4.0
    On his blog, Josh Boyer looks at the choice of the 4.0 kernel for Fedora 22. While the underpinnings of the live kernel patching feature have been merged, even when it is fully operational it is probably not something that Fedora (and perhaps other distributions) will use often (or at all). "In reality, we might not ever really leverage the live patching functionality in Fedora itself. It is understandable that people want to patch their kernel without rebooting, but the mechanism is mostly targeted at small bugfixes and security patches. You cannot, for example, live patch from version 4.0 to 4.1. Given that the Fedora kernel rebases both from stable kernel (e.g. 3.19.2 to 3.19.3) and major release kernels over the lifetime of a Fedora release, we don't have much opportunity to build the live patches."
    9:19p
    GNU Hurd 0.6 released
    It has been roughly a year and a half since the last release of the GNU Hurd operating
    system, so it may be of interest to some readers that GNU Hurd 0.6 has been
    released along with
    GNU Mach 1.5 (the microkernel that Hurd
    runs on) and GNU MIG 1.5 (the Mach Interface Generator, which
    generates code to handle remote procedure calls). New features include
    procfs and random translators; cleanups and stylistic fixes, some of which
    came from static analysis; message dispatching improvements; integer
    hashing performance improvements; a split of the init server into a
    startup server and an init program based on System V init; and more. "GNU Hurd runs on 32-bit x86 machines. A version running on 64-bit x86
    (x86_64) machines is in progress. Volunteers interested in ports to
    other architectures are sought; please contact us (see below) if you'd
    like to help.

    To compile the Hurd, you need a toolchain configured to target i?86-gnu;
    you cannot use a toolchain targeting GNU/Linux. Also note that you
    cannot run the Hurd "in isolation": you'll need to add further components
    such as the GNU Mach microkernel and the GNU C Library (glibc), to turn
    it into a runnable system.    "

    << Previous Day 2015/04/16
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org